From f1459cd4b0225c07a2a818eb1cf0aad2fe5d16ed Mon Sep 17 00:00:00 2001
From: Austin Seipp <aseipp@pobox.com>
Date: Mon, 17 Feb 2014 08:23:31 -0600
Subject: [PATCH] grsecurity: add gradm-3.0-201401291757

This also ensures the appropriate udev rules are installed.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
---
 pkgs/os-specific/linux/gradm/default.nix | 51 ++++++++++++++++++++++++
 pkgs/top-level/all-packages.nix          |  2 +
 2 files changed, 53 insertions(+)
 create mode 100644 pkgs/os-specific/linux/gradm/default.nix

diff --git a/pkgs/os-specific/linux/gradm/default.nix b/pkgs/os-specific/linux/gradm/default.nix
new file mode 100644
index 000000000000..7272b5a22fab
--- /dev/null
+++ b/pkgs/os-specific/linux/gradm/default.nix
@@ -0,0 +1,51 @@
+{ fetchurl, stdenv, bison, flex, pam,
+  gcc, coreutils, findutils, binutils, bash }:
+
+stdenv.mkDerivation rec {
+  name    = "gradm-${version}";
+  version = "3.0-201401291757";
+
+  src  = fetchurl {
+    url    = "http://grsecurity.net/stable/${name}-${version}.tar.gz";
+    sha256 = "19p7kaqbvf41scc63n69b5v5xzpw3mbf5zy691rply8hdm7736cw";
+  };
+
+  buildInputs = [ gcc coreutils findutils binutils pam flex bison bash ];
+  preBuild = ''
+    substituteInPlace ./Makefile --replace "/usr/include/security/pam_" "${pam}/include/security/pam_"
+    substituteInPlace ./gradm_defs.h --replace "/sbin/grlearn"   "$out/sbin/grlearn"
+    substituteInPlace ./gradm_defs.h --replace "/sbin/gradm"     "$out/sbin/gradm"
+    substituteInPlace ./gradm_defs.h --replace "/sbin/gradm_pam" "$out/sbin/gradm_pam"
+  '';
+
+  postInstall = ''
+    mkdir -p $out/lib/udev/rules.d
+    cat > $out/lib/udev/rules.d/80-grsec.rules <<EOF
+    ACTION!="add|change", GOTO="permissions_end"
+    KERNEL=="grsec",          MODE="0622"
+    LABEL="permissions_end"
+    EOF
+  '';
+
+  makeFlags =
+    [ "DESTDIR=$(out)"
+      "CC=${gcc}/bin/gcc"
+      "FLEX=${flex}/bin/flex"
+      "BISON=${bison}/bin/bison"
+      "FIND=${findutils}/bin/find"
+      "STRIP=${binutils}/bin/strip"
+      "INSTALL=${coreutils}/bin/install"
+      "MANDIR=/share/man"
+      "MKNOD=true"
+    ];
+
+  enableParallelBuilding = true;
+
+  meta = {
+    description = "grsecurity RBAC administration and policy analysis utility";
+    homepage    = "https://grsecurity.net";
+    license     = stdenv.lib.licenses.gpl2;
+    platforms   = stdenv.lib.platforms.linux;
+    maintainers = [ stdenv.lib.maintainers.thoughtpolice ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 4f781502e3da..18ebecb2bec0 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -6578,6 +6578,8 @@ let
 
   gpm = callPackage ../servers/gpm { };
 
+  gradm = callPackage ../os-specific/linux/gradm { };
+
   hdparm = callPackage ../os-specific/linux/hdparm { };
 
   hibernate = callPackage ../os-specific/linux/hibernate { };